supreme-client/at.asitplus.attestation.supreme/createCsr

createCsr

suspend fun Signer.Attestable<*>.createCsr(challenge: AttestationChallenge, subjectName: List<RelativeDistinguishedName> = listOf(), additionalExtensions: List<X509CertificateExtension> = listOf(), additionalAttributes: List<Pkcs10CertificationRequestAttribute> = listOf()): KmmResult<Pkcs10CertificationRequest>(source)

Creates a signed CSR from an attestable signer. Encodes the challenge's nonce into a KnownOIDs.serialNumber subjectName and the attestation statement into a Pkcs10CertificationRequestAttribute with AttestationChallenge.proofOID. Since this operation prepares and directly signs the CSR, it may require user authentication.

Parameters

subjectName

The subject name, if required. Usually, you'll want to use pass AlternativeNames into additionalExtensions, not a subject name! By default, the RDN used for this CSR will only contain KnownOIDs.serialNumber containing the nonce from the passed challenge. Hence, the values passed to this parameter containing a KnownOIDs.serialNumber will be overwritten.

additionalExtensions

Certificate extensions to be requested. May be ignored by the issuer.

additionalAttributes

Additional CSR attributes to pack into this CSR.

Generated by Dokka
© 2026 Copyright